Common use of Verification Phase Clause in Contracts

Verification Phase. This phase executes several steps to achieve mutual authentication which is to test all transmitted message for judging the legitimacies of a Ui, GWN, and sensor node. As well as a session key agreement between all parties involved within the network. When GWN receives the login request message from the Ui, the verification phase begins. The following describes this process in detail. (1) GWN first checks the validity of the time-stamp |T1j − T1| < ∆T. GWN computes k = h(DIDi||h(xa)||T1) and decrypts Dk(Ai) = {DIDi, R1, T1}. GWN then compares DIDi and T1 with the received values. If this condition is satisfied, GWN acknowledges the legitimacy of the Ui and proceeds with the next step. Otherwise, it terminates this phase. (2) GWN chooses R2 ∈ {0, 1}l , and computes Mi = R2 ⊕ h(xs||SIDn). GWN further computes SK = h(DIDi||h(xs||SIDn)||R2||T2) and Bi = h(DIDi||SK||h(xs||SIDn)||SIDn||T2), and then sends the message (Mi, ▇▇▇▇, Bi, T2) to Sn through a public channel. (3) Sn first checks whether |T2j − T2| < ∆T. If this condition does not hold, this phase is terminated. Otherwise, it computes R2 = Mi ⊕ h(xs||SIDn) and SK = h(DIDi||h(xs||SIDn)||R2||T2). The Sn further computes Bi∗ = h(DIDi||SK||h(xs||SIDn)||SIDn||T2) and compares it with the received value Bi. If this condition is satisfied, ▇▇ believes that the GWN is authentic. Otherwise, it terminates this phase. (4) Sn computes Ci = h(h(xs||SIDn)||SK||DIDi||SIDn||T3), and then sends the message (Ci, T3) to (5) GWN first checks whether |T3j − T3| < ∆T. If the relationship does not hold, this phase is terminated. Otherwise, it computes Ci∗ = h(h(xs||SIDn)||SK||DIDi||SIDn||T3), and compares it with the received value Ci. If true, GWN believes that the Sn is authentic. Otherwise, it terminates this phase. (6) GWN computes Di = Ek(DIDi||SIDn||SK||R1||T4), and sends the message (Di, T4) to Ui through a public channel. (7) Ui first checks whether |T4j − T4| ≤ ∆T. If the relationship does not hold, it terminates this phase. Otherwise, it computes Dk(Di) = {DIDi, SIDn, SK, R1, T4}, and compares DIDi, R1 and T4 with the previous values. If the verification does not hold, it terminates this phase. Otherwise, the Ui believes that GWN is authentic, and successfully ends the verification phase. From the above descriptions, in verification phase of our proposed scheme, the message size of the (Mi, DIDi, Bi, T2), (Ci, T3), and (Di, T4) can be computed as (20 + 20 + 20 + 19) = 79 bytes, (20 + 19) = 39 bytes, and (20 + 19) = 39 bytes, respectively.

Verification Phase. This phase executes several steps to achieve mutual authentication which is to test all transmitted message for judging the legitimacies of a Ui, GWN, and sensor node. As well as a session key agreement between all parties involved within the network. When GWN receives the login request message from the Ui, the verification phase begins. The following describes this process in detail. (1) GWN first checks the validity of the time-stamp |T1j − T1| < ∆T. GWN computes k = h(DIDi||h(xa)||T1h(h(IDi||xa)||T1) and decrypts Dk(Ai) = {DIDiIDi, R1, T1}. GWN then compares DIDi IDi and T1 with the received values. If this condition is satisfied, GWN acknowledges the legitimacy of the Ui and proceeds with the next step. Otherwise, it terminates this phase. (2) GWN chooses R2 ∈ {0, 1}l , and computes Mi = R2 ⊕ h(xs||SIDn). GWN further computes SK = h(DIDi||h(xs||SIDn)||R2||T2h(IDi||h(xs||SIDn)||T2) and Bi = h(DIDi||SK||h(xs||SIDn)||SIDn||T2h(h(xs||SIDn)||SK||SIDn||IDi||T2), and then sends the message (Mi, ▇▇▇▇IDi, Bi, T2) to Sn through a public channel. (3) ID h x SID T and Sn first checks whether |T2j − T2| < ∆T. If this condition does not hold, this phase is terminated. Otherwise, it Sn then computes R2 = Mi ⊕ h(xs||SIDn) and SK = h(DIDi||h(xs||SIDn)||R2||T2h( i|| ( s|| n)|| 2) Bi∗ = h(h(xs||SIDn)||SK||SIDn||IDi||T2). The Sn further computes compares Bi∗ = h(DIDi||SK||h(xs||SIDn)||SIDn||T2) and compares it with the received value Bi. If this condition is satisfied, ▇▇ believes that the GWN is authentic. Otherwise, it terminates this phase. (4) Sn computes Ci = h(h(xs||SIDn)||SK||DIDi||SIDn||T3h(h(xs||SIDn)||SK||IDi||SIDn||T3), and then sends the message (Ci, T3) to (5) GWN first checks whether |T3j − T3| < ∆T. If the relationship does not hold, this phase is terminated. Otherwise, it GWN then computes Ci∗ = h(h(xs||SIDn)||SK||DIDi||SIDn||T3h(h(xs||SIDn)||SK||IDi||SIDn||T3), and compares it with the received value Ci. If true, GWN believes that the Sn is authentic. Otherwise, it GWN terminates this phase. (6) GWN computes Di = Ek(DIDi||SIDn||SK||R1||T4Ek(IDi||SIDn||SK||R1||T4), and sends the message (Di, T4) to Ui through a public channel. (7) Ui first checks whether |T4j − T4| ≤ ∆T. If the relationship does not hold, it terminates this phase. Otherwise, it computes Ui decrypts Dk(Di) = {DIDiIDi, SIDn, SK, R1, T4}, } and compares DIDiIDi, R1 and T4 with the previous values. If the verification does not hold, it terminates this phasephase is terminated. Otherwise, the Ui believes that the GWN is authentic, and successfully ends the verification phase. From the above descriptions, in verification phase of our proposed Chen et al.’s scheme, the message size of the (Mi, DIDiIDi, Bi, T2), (Ci, T3), and (Di, T4) can be computed as (20 + 20 8 + 20 + 19) = 79 47 bytes, (20 + 19) = 39 bytes, and (20 + 19) = 39 bytes, respectively.